System administrators must often log into an endpoint computing device to manage the device. There is currently no control mechanism on a graphical user interface (GUI) of a device, however, that restricts the activities of the system administrator to perform only actions that are appropriate for the current role and tasks of the administrator.
Thus, a need exists for a mechanism to control access on a user interface to applications, or portions thereof, and data in the GUI based on the current privilege configuration. For example, some license models have different prices at different times. Thus, an enterprise may desire to block services at time when a given licensed tool is more expensive.